Commit Graph

563 Commits

Author SHA1 Message Date
p0w1 f63a2a6e58 add badchar 2019-04-25 18:24:26 +02:00
@shellfail 985285d880 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:50 +02:00
@shellfail 98b054b8a4 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:43 +02:00
@shellfail 537f55e9da Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:32 +02:00
@shellfail 9206bd404d Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:22 +02:00
@shellfail 46f4473ade Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:14 +02:00
bcoles 5d4de2c715 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:04:56 +02:00
bcoles 77dce74789 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:04:04 +02:00
@shellfail 38e95dd311 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:02:56 +02:00
@shellfail 0b09759621 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:02:44 +02:00
@shellfail 4e85f5f731 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:02:30 +02:00
@shellfail 59e4df759a Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:01:38 +02:00
@shellfail 376925e619 Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:01:27 +02:00
@shellfail cecc9e210c Update modules/exploits/windows/misc/ais_esel_server_rce.rb
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:01:15 +02:00
p0w1 1e0ab44033 Fix Space EOL 2019-03-28 10:56:59 +01:00
p0w1 0470e76f45 Fix Code Style 2019-03-28 10:56:12 +01:00
p0w1 430c2f42b1 Fix Code Style 2019-03-28 10:03:11 +01:00
p0w1 19324ee6b9 Fix EOL 2019-03-27 17:13:54 +01:00
p0w1 6175870c55 Style Fixes 2019-03-27 17:12:08 +01:00
p0w1 b95b8988ad Remove Space at EOL 2019-03-27 11:20:53 +01:00
p0w1 ee50471bb5 Fix check function 2019-03-27 11:12:07 +01:00
p0w1 5fd5725a34 Added RCE Exploit for logistics software 2019-03-27 10:23:49 +01:00
Brent Cook ddef5b4961 MSF5: Remove unneeded RHOST deregister in scanners
With Metasploit 5, RHOST and RHOSTS are aliases, so no need to
deregister one or the other, as they are the same option. Deregistering
one deregisters both.
2019-03-05 13:04:49 -06:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
Wei Chen 8ffd9e47b0 Up to date PR10429 2018-12-12 13:30:58 -06:00
Wei Chen 96c281daef Add send_not_found and module documentation for webdav_delivery 2018-12-12 13:26:46 -06:00
Spencer McIntyre caf76a6555 Add applicable notes to my exploit modules 2018-10-27 20:54:14 -04:00
Brent Cook a814899dc2 Land #10660, deregister RHOSTS as well as RHOST 2018-09-17 22:26:37 -05:00
Brent Cook 1aabf8d83f deregister RHOSTS as well 2018-09-17 22:26:16 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https://
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
Jacob Robles 9d3e1c1942 Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 94e8cdac37 Move files to correct location 2018-08-28 12:38:54 -05:00
Jacob Robles 2986a9538d Whitespace fix 2018-08-28 11:53:08 -05:00
Jacob Robles 49c5a91fa7 Add linux target to weblogic_deserialize module 2018-08-28 11:51:04 -05:00
Jacob Robles 12e9cf6af7 Version output 2018-08-28 08:20:02 -05:00
Jacob Robles f92d2263d0 Add check to weblogic_deserialize module 2018-08-28 08:09:30 -05:00
Christian Mehlmauer a66556b436 fix msftidy errors 2018-08-28 13:12:43 +02:00
Wei Chen 9122c5945e Add a comment explaining the last sleep(10) 2018-08-09 14:51:56 -05:00
James Cook c5903dc767 Travis and Format fixes
Fixed some formatting issues pointed out by @Green-m.
Changed disclosure date format for travis.
2018-08-09 10:29:34 -07:00
Jacob Robles 66e5685ed2 Moved to exploit/windows 2018-08-09 11:35:14 -05:00
James Cook f2d2e0fce6 Add webdav delivery module
This module simplifies the rundll32.exe Application Whitelisting Bypass technique.
The module creates a webdav server that hosts a dll file. When the user types the provided rundll32
command on a system, rundll32 will load the dll remotely and execute the provided export function.
The export function needs to be valid, but the default meterpreter function can be anything.
The process does write the dll to C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV
but does not load the dll from that location. This file should be removed after execution.
The extension can be anything you'd like, but you don't have to use one. Two files will be
written to disk. One named the requested name and one with a dll extension attached.
2018-08-07 11:56:54 -07:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Jacob Robles b2cb4c425d Land #9594, CloudMe Sync v1.10.9 Buffer Overflow 2018-02-20 17:49:19 -06:00
Jacob Robles 6a62ca15e7 Remove NOPS
[ticket: #9594]
2018-02-20 17:40:33 -06:00
Daniel Teixeira 745ad4d727 CloudMe Sync Client BoF 2018-02-20 21:57:13 +00:00
Jacob Robles d02bf40d69 Modified Exploit
Remove NOPS that weren't needed and freed up space for a larger payload.

[ticket: #9561]
2018-02-20 15:35:43 -06:00
Daniel Teixeira 651ddbb7eb Disk Savvy Server Buffer Overflow 2018-02-15 10:09:07 +00:00
Daniel Teixeira 929027ab96 Disk Savvy Server Buffer Overflow 2018-02-14 20:35:32 +00:00
Wei Chen dd737c3bc8 Land #9317, remove multiple deprecated modules
Land #9317

The following modules are replaced by the following:

auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep

exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload

exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
2018-01-10 15:47:20 -06:00
Wei Chen 777e383568 Land #9377, Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
Land #9377
2018-01-09 13:56:53 -06:00